Login/Register
Rails rack attack gem throttle
Asked Answered
ruby-on-railsruby-on-rails-4rackattack
J

3

8

I don't know why I can not use rack-attack gem Here what I did

Gemfile

gem 'rack-attack'

I ve installed the gem

config/application.rb

config.middleware.use Rack::Attack

initializers/rack-attack.rb

class Rack::Attack

throttle('logins/ip', :limit => 5, :period => 60.seconds) do |req|
  if req.path == '/login' && req.post?
  Rails.logger.error("Rack::Attack Too many login attempts from IP: #{req.ip}")
  req.ip 
  end
end

end

routes.rb

post   'login'   => 'index#create'
root 'index#new'
get 'login' => 'index#new'

I am using Rails 4.2.3 and the rack-attack gem 4.3.0

I wonder what I miss

Jemmie answered 18/11, 2015 at 11:27 Comment(1)
here too. +1. won't work out of the box in developmentQuickie
O
9

make sure you configure cache.store in your initializers/rack-attack.rb file you can configure it like that:

class Rack::Attack
  ...
  cache.store = ActiveSupport::Cache::MemoryStore.new
  ...
end
Ojibwa answered 13/11, 2017 at 15:10 Comment(1)
Using Rack::Attack.cache.store = ActiveSupport::Cache::MemoryStore.new might also work for someRegeniaregensburg
N
1

For development mode you will need to enable the cache using:

rails dev:cache

Refer to: https://www.writesoftwarewell.com/rails-enable-caching-in-development/#:~:text=The%20rails%20dev%3Acache%20command,%2C%20re%2Drun%20the%20command.

Natty answered 18/4, 2024 at 17:48 Comment(1)
While this link may answer the question, it is better to include the essential parts of the answer here and provide the link for reference. Link-only answers can become invalid if the linked page changes. - From ReviewProsthetics
I
0

You may need enable the cache in your development environment

please set config.cache_classes = true in config/environments/development.rb.

Insignificant answered 20/9, 2016 at 10:47 Comment(2)
doesn't work even after enabling cache_class= true in development.rbArdelia
cache_classes is for class loading, not for the cache store. From Rails documentation: config.cache_classes controls whether or not application classes and modules should be reloaded if they change. Defaults to false in development mode, and true in production mode. In test mode, the default is false if Spring is installed, true otherwise.Bowles

© 2022 - 2025 — McMap. All rights reserved.